<?php
	include("includes/config.php");
	include("includes/head.php");
	include("includes/nav.php");
?>
<html>
	<head>
		<title>
			<?PHP
				echo $site_name;
			?>
			:: Login
		</title>
	</head>
	<body>
		<form method="post" action="">
			<table border="0" align="center">
				<tr>
					<td>
						<center>
							Login
						</center>
						<hr>
					</td>
				</tr>
				<tr>
					<td>
						<label>
							Username: 
						</label>
						<input name="user" type="text">
					</td>
				</tr>
				<tr>
					<td>
						<label>
							Password: 
						</label>
						<input name="pass" type="password">
					</td>
				</tr>
				<tr>
					<td>
						<input type="submit" name="submit" value="Submit">
					</td>
				</tr>
			</table>
		</form>
	</body>
</html>
<?php
	include("includes/foot.php");
	include("includes/db.php");
	if ($_POST['submit'] == "Submit")
	{
		$user = $_POST['user'];
		$pass = $_POST['pass'];
		$password = md5($pass);
		$query = "SELECT password FROM users WHERE username='$user'";
		$result = mysql_query($query) or die(mysql_error());
		$output = mysql_result($result, 0);
		if ($output == $password)
		{
			setcookie("user", $user, time()+3600);
			setcookie("pass", $password, time()+3600);
			header("Location: index.php");
		}
		else
		{
			echo "Sorry, incrorrect password. Please try again. $output";
		}
	}
?>
